Linux Distros Unpatched Vulnerability : CVE-2022-27239

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root...

Linux Distros Unpatched Vulnerability : CVE-2022-49638

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - icmp: Fix data-races around sysctl. While reading icmp sysctl variables, they can be changed concurrently. So, we need to add READONCE to avoid data-races...

Linux Distros Unpatched Vulnerability : CVE-2022-2589

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site Scripting XSS - Reflected in GitHub repository beancount/fava prior to 1.22.3. CVE-2022-2589 Note that Nessus relies on the presence of the package a...

Linux Distros Unpatched Vulnerability : CVE-2024-45338

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This...

Linux Distros Unpatched Vulnerability : CVE-2022-30629

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Non-random values for ticketageadd in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correla...

Linux Distros Unpatched Vulnerability : CVE-2022-29526

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could...

Linux Distros Unpatched Vulnerability : CVE-2022-1996

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0. CVE-2022-1996 Note that Nessus relies on the presence...

Linux Distros Unpatched Vulnerability : CVE-2022-30635

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a messa...

Linux Distros Unpatched Vulnerability : CVE-2021-3842

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nltk is vulnerable to Inefficient Regular Expression Complexity CVE-2021-3842 Note that Nessus relies on the presence of the package as reported by the vendor...

Linux Distros Unpatched Vulnerability : CVE-2020-36309

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ngxhttpluamodule aka lua-nginx-module before 0.10.16 in OpenResty allows unsafe characters in an argument when using the API to mutate a URI, or a request or...

Linux Distros Unpatched Vulnerability : CVE-2024-36039

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input because keys are not escaped by escapedict. CVE-2024-36039 Note that Nessus relies ...

Linux Distros Unpatched Vulnerability : CVE-2024-38628

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: gadget: uaudio: Fix race condition use of controls after free during gadget unbind. Hang on to the control IDs instead of pointers since those are correctl...

Linux Distros Unpatched Vulnerability : CVE-2022-31620

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In libjpeg before 1.64, BitStream::Get in bitstream.hpp has an assertion failure that may cause denial of service. This is related to out-of-bounds array access...

Linux Distros Unpatched Vulnerability : CVE-2015-1850

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was n...

Linux Distros Unpatched Vulnerability : CVE-2017-0605

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was n...

Linux Distros Unpatched Vulnerability : CVE-2013-4280

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insecure temporary file vulnerability in RedHat vsdm 4.9.6. CVE-2013-4280 Note that Nessus relies on the presence of the package as reported by the vendor...

Linux Distros Unpatched Vulnerability : CVE-2021-30498

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libcaca. A heap buffer overflow in export.c in function exporttga might lead to memory corruption and other potential consequences...

Linux Distros Unpatched Vulnerability : CVE-2019-3865

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in quay-2, where a stored XSS vulnerability has been found in the super user function of quay. Attackers are able to use the name fiel...

Linux Distros Unpatched Vulnerability : CVE-2012-3541

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was n...

Linux Distros Unpatched Vulnerability : CVE-2016-1867

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The jpcpinextcprl function in JasPer 1.900.1 allows remote attackers to cause a denial of service out- of-bounds read and application crash via a crafted JPEG...